Tag Terraform Module Launched!

Nidhi Patel
Google Cloud - Community
3 min readJan 8, 2024

This blog gives a high level overview of why to use Terraform Modules and information about my newly launched terraform-tag-module module.

Conquering Infrastructure Complexity: Why Terraform Modules Are Your Secret Weapon

As infrastructure scales, managing its configuration can quickly become a tangled mess. Terraform, with its magic of infrastructure as code, offers a beacon of hope. But even with Terraform, sprawling configurations can become overwhelming. This is where Terraform modules emerge as your knight in shining armor.

Terraform modules allow you to package related infrastructure resources and functionalities into self-contained units. Think of them as Lego blocks for your infrastructure — you can snap them together to build complex systems without reinventing the wheel each time.

But the advantages of Terraform modules go far beyond mere organization. Here’s how they can transform your infrastructure workflow:

  • Reusability: Share and reuse modules across projects, eliminating repetitive coding and ensuring consistency.
  • Maintainability: Keep your code clean and modular, making it easier to understand, update, and debug.
  • Community Power: Leverage publicly available modules, saving time and effort on common infrastructure components.
  • Reduced Errors: Encapsulate best practices and configurations within modules, minimizing errors and promoting standardization.
  • Improved Efficiency: Focus on the unique aspects of your infrastructure, leaving the boilerplate to pre-built modules.

Introducing Tags

Tags provide a way to create annotations for resources, and in some cases conditionally allow or deny policies based on whether a resource has a specific tag. You can use tags and conditional enforcement of policies for fine-grained control across your resource hierarchy. Please checkout the official documentation to get more details about Tags.

Some services, such as Identity and Access Management (IAM), are policy engines that support references by tags. If you can attach a tag to a service resource, and the policy engine service supports that resource, you can then leverage the conditional enforcement of policies to better control your resource hierarchy. Each policy engine service lists the resources it supports in the Policy engine services section. Please checkout the Supported service resources before getting started.

Pre Requisites

  • Basic Understanding of Terraform
  • Access to Google Cloud Platform
  • Support for tag for specific service resources
  • [Click Here] To enable Resource Manager and Identity and Access Management (IAM) API

Terraform Module Details

Refer this tutorial which shows how to use a terraform module in your terraform code.

Example

Below is an example to create a tag key with multiple values and bind it to a project and a cloud storage bucket.

Step1: Create a Cloud Storage Bucket

module "cloud-storage_example_simple_bucket" {
source = "terraform-google-modules/cloud-storage/google//examples/simple_bucket"
version = "5.0.0"
project_id = <PROJECT_ID>
}

Step2: Create a tag key to bind values to Cloud Storage Bucket along with the Project

module "tags" {
source = "GoogleCloudPlatform/tags/google"
version = "0.1.0"
tag_for = "project"
project_number = "<PROJECT-NUMBER>"
key = "key1"
key_description = "first key"
value_specs = [{
value = "value1"
description = "first value"
tag_binding = { "global" : ["//cloudresourcemanager.googleapis.com/projects/<PROJECT-NUMBER>"],
"us" : ["//storage.googleapis.com/projects/_/buckets/<PROJECT-ID>-bucket"] }
}, {
value = "value3"
description = "third value"
tag_binding = {}
}
]
}

Conclusion

In conclusion users can use Tag Module to create tags and bind them with google cloud services. Examples shown above should help users implement the tag bindings.

References

Checkout my Google Cloud Blog for additional details like input parameters. Happy Reading!

--

--